-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 28 Jul 2008 18:57:39 +0200 Source: cupsys Binary: libcupsys2-dev cupsys libcupsys2 libcupsimage2 cupsys-common cupsys-client cupsys-dbg cupsys-bsd libcupsys2-gnutls10 libcupsimage2-dev Architecture: arm Version: 1.2.7-4etch4 Distribution: stable-security Urgency: high Maintainer: Debian/ARM Build Daemon Changed-By: Martin Pitt Description: cupsys - Common UNIX Printing System(tm) - server cupsys-bsd - Common UNIX Printing System(tm) - BSD commands cupsys-client - Common UNIX Printing System(tm) - client programs (SysV) cupsys-dbg - Common UNIX Printing System(tm) - debugging symbols libcupsimage2 - Common UNIX Printing System(tm) - image libs libcupsimage2-dev - Common UNIX Printing System(tm) - image development files libcupsys2 - Common UNIX Printing System(tm) - libs libcupsys2-dev - Common UNIX Printing System(tm) - development files Closes: 476305 Changes: cupsys (1.2.7-4etch4) stable-security; urgency=high . * Add 74_CVE-2008-0053.dpatch: Fix buffer overflows in filter/hpgl-input.c by crated HP-GL files; possibly exploitable to run arbitrary code. (CVE-2008-0053, upstream SVN trunk r7219) * Add 75_CVE-2008-1373.dpatch: Fix buffer overflow in GIF filter by crafted images with large code_size value; potentially exploitable to run arbitrary code. (CVE-2008-1373, STR#2765, upstream svn trunk r7420) * Add 76_CVE-2008-1722.dpatch: Fix integer overflows in PNG filter by crafted images with large dimensions; potentially exploitable to run arbitrary code. (CVE-2008-1722, STR #2790, svn trunk r7437) (Closes: #476305) Files: 02d749b77969111a813a4cba408bd74d 154878 libs optional libcupsys2_1.2.7-4etch4_arm.deb 5b2a0162f00efdcc8cd1d93e0bc7486b 85168 libs optional libcupsimage2_1.2.7-4etch4_arm.deb 5c60803b01b551503017f750bea5526e 1568968 net optional cupsys_1.2.7-4etch4_arm.deb 6566d320a557b02cf94f379b84f0dba9 78910 net optional cupsys-client_1.2.7-4etch4_arm.deb 3eb0b900c59ea118d768b1459898ea90 132040 libdevel optional libcupsys2-dev_1.2.7-4etch4_arm.deb 28a8ac4acad82bd582358e38c0c23013 48718 libdevel optional libcupsimage2-dev_1.2.7-4etch4_arm.deb 6ae06d35d6c40084adfd8bfd65866174 35936 net extra cupsys-bsd_1.2.7-4etch4_arm.deb 5c3e851e94f3a41216d7a7149839c8d4 1025732 libdevel extra cupsys-dbg_1.2.7-4etch4_arm.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSJFxs2z0hbPcukPfAQKjagf9GEobNBAgxXIyvuIYI5ZYgN/7RlHCp5uH xWEszFjxRLZrSogxaC/sgK5iXKqCbunGkyIlmbgmXuL3gOdDvdbQah6isTxrbeZF BujEYqjzacpMdmE6kjhz4GrWDjmdo5DV4RowEt49RA33w/q0q0l8CT+uovFjCuxC lKr4b6fK0aNqikzhJVwy75ly/H4lVUMuqMbjwAQwnVghpzKOf5In8n0NzA6s0thg OBW+Ri19WHBo9hUPzNcpROVccBtKEGWD7AO70FgmmTQg0kvc3DA4OtAccdAWFbtn 6k5/7kLEUfzafsUREdMOwTjiOLSj4fb9rkbKNCOPST3BlVL8ShktQw== =O92y -----END PGP SIGNATURE-----